Uploaded image for project: 'Red Hat Advanced Cluster Security'
  1. Red Hat Advanced Cluster Security
  2. ROX-33416

Docs: Update docs with runtime enforcement info

XMLWordPrintable

    • 3
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected
    • Yes

      Doc needs update to allay customer confusion:

      https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/operating/index#policy-enforcement-runtime_about-security-policies

      Original text:
      When enforced, a policy violation results in one or more of the following actions:

      • Shutting down an offending pod, which results in creation of another healthy pod in its place
      • RHACS intercepting and preventing certain Kubernetes API calls

      Updates requested:

      Any enforced runtime policy containing at least one policy criteria from under the "User Initiated Container Commands" bucket,  has the enforcement executed as The RHACS admission controller intercepting and preventing certain Kubernetes API calls.

      Any other enforced runtime policy, except those using audit log event source, has the enforcement executed as Shutting down an offending pod, which results in creation of another healthy pod in its place

              Unassigned Unassigned
              kcarmich@redhat.com Kerry Carmichael
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: